AI-BASED INTRUSION DETECTION FRAMEWORK

Abstract

The increasing pace of cyber threats has enormous threats to the confidentiality, integrity, and availability of a network. Defense Intrusion Detection System (IDS) is one of the most important defense mechanisms and traditional signature-based systems have problems with unheard-before attacks. The article presents an artificial-intelligence (AI)-based IDS that integrates three hybrid deep learning models, which are a Convolutional Neural NetworkLong Short-Term Memory (CNN-LSTM) network, a Bidirectional LSTM with attention mechanism (BiLSTM Attention) network, and an Autoencoder with a Random Forest (AERF) classifier. The models are tested on NSL-KDD and CICIDS2017 benchmark datasets after a single preprocessing pipeline, which incorporates data cleaning, normalization, categorical features encoding, statistical feature selection and Synthetic Minority Over-Sampling Technique (SMOTE)-based balancing of classes. On both datasets, experimental results demonstrate almost perfect recall and F1-scores. CNN-LSTM, AERF and a combination of the three models have high and complimentary performance in various categories of attacks. The high detection rates and the low false-alarm rates are validated through Receiver Operating Characteristic (ROC) and Precision Recall (PR) curves along with confusion matrices. Overall, the proposed framework demonstrates strong scalability and generalization capability, highlighting its potential for deployment in modern network cybersecurity environments.